Reputation: 36
Anthos/Cloud Service Mesh - How to Set Ingress Gateway Log Format to JSON?
I provisioned a managed Anthos/Cloud Service Mesh and set the sidecar access logs to JSON using the MeshConfig.AccessLogEncoding property. Now, I am trying to configure the ingress gateway logs to use the JSON format as well.
I managed to achieve it by manually editing the ingress gateway pod and adding the --log_as_json container argument:
apiVersion: v1
kind: Pod
metadata:
...
spec:
containers:
- args:
- proxy
- router
- --domain
- $(POD_NAMESPACE).svc.cluster.local
- --proxyLogLevel=warning
- --proxyComponentLogLevel=misc:error
- --log_output_level=default:info
- --stsPort=15463
- --log_as_json
env:
- name: JWT_POLICY
value: third-party-jwt
...
This is a sample log entry in Cloud Logging:
{
"insertId": "...",
"jsonPayload": {
"level": "info",
"msg": "connected to upstream XDS server: meshconfig.googleapis.com:443",
"scope": "xdsproxy"
},
"labels": {
"compute.googleapis.com/resource_name": "...",
"k8s-pod/app": "...",
"k8s-pod/istio": "ingressgateway",
"k8s-pod/pod-template-hash": "5dd6f69c5f",
"k8s-pod/service_istio_io/canonical-name": "...",
"k8s-pod/service_istio_io/canonical-revision": "latest"
},
"logName": "...",
"receiveTimestamp": "...",
"resource": {
"labels": {
"cluster_name": "...",
"container_name": "istio-proxy",
"location": "...",
"namespace_name": "...",
"pod_name": "...",
"project_id": "..."
},
"type": "k8s_container"
},
"severity": "INFO",
"timestamp": "..."
}
However, ingress gateway deployment manifests are auto-injected by ASM by setting the inject.istio.io/templates: gateway annotation, and the --log_as_json container argument is not configured by the template:
apiVersion: apps/v1
kind: Deployment
…
template:
metadata:
annotations:
# This is required to tell Anthos Service Mesh to inject the gateway with the
# required configuration.
inject.istio.io/templates: gateway
…
spec:
containers:
- name: istio-proxy
image: auto # The image will automatically update each time the pod starts.
How can I instruct Anthos/Cloud Service Mesh to include --log_as_json in the container arguments when injecting the gateway template?
Upvotes: 0
Views: 95
Answers (0)
Related Questions
- Anthos Service Mesh Metrics
- Host name resolution for backend service on Anthos Service Mesh with Istio ingress-gateway
- Unable to call knative GCP Cloud Run service from another Kubernetes service running in the same cluster
- How do I map external traffic to the internal service mesh on GCP Traffic Director?
- Can I configure Google Global Load Balancer for multi region GKE Cluster
- Anthos Service Mesh/Istio CORS not enabled
- How to create ingress on istio service to cloud run anthos (knative)